SECURITY PLAN THAT CAN BE APPLIED TO SOLVE DEFICIENT IN SOME KEY AREAS OF INFORMATION SECURITY
by Ku Rasyidah
1. EMPLOYEE SECURITY TRAINING TIPS : SOCIAL ENGINEERING
1.1. MAKE A LONG PASSWORD : ~ AT LEAST 8 CHARACTERS LONG AND SYSTEMS PASSWORDS 12 - 50 CHARACTERS.
1.2. CONSIDER THE SOURCE : ~ DO NOT CLICK ON LINKS OR OPEN ATTACHMENTS FROM SUSPICIOUS SOURCES. ~ NO MATTER HOW LEGITIMATE AN EMAIL APPEARS, IT IS SAFER TO TYPE A URL INTO YOUR BROWSER INSTEAD OF CLICKING ON A LINK.
1.3. SLOW DOWN : ~ SOCIAL ENGINEERS OFTEN COUNT ON THEIR TARGETS TO MOVE QUICKLY WITHOUT CONSIDERING THE POSSIBILITY THAT A SCAMMER MAY BE BEHIND THE EMAIL, PHONE CALL, OR FACE-TO-FACE REQUEST ON WHICH THEY'RE ACTING.
1.4. INSTALL AN ANTIVIRUS SOFTWARE OR A SECURITY SUITE : ~ KEEP THE ANTIVIRUS UP TO DATE. ~ MAKE SURE ALL THE COMPUTER AND OTHER DEVICES ARE RUNNING THE LATEST VERSIONS OF THEIR OPERATING SOFTWARE.
2. EMPLOYEE SECURITY TRAINING TIPS : A STRONG PASSWORD
2.1. AVOID COMMON SUBSTITUTIONS
2.2. NOT A DICTIONARY WORD OR COMBINATION OF DICTIONARY WORDS : ~ STAY AWAY FROM OBVIOUS DICTIONARY WORDS.
2.3. INCLUDES NUMBERS, SYMBOLS, CAPITAL LETTERS AND LOWER-CASE LETTERS : ~ USE A MIX OF DIFFERENT TYPES OF CHARACTERS TO MAKE THE PASSWORD HARDER TO CRACK.
2.4. VARIATION : ~ CHANGE PASSWORDS OFTEN. ~ SET A A REMINDER TO CHANGE THE PASSWORDS YOU HAVE FOR EMAIL, BANKING, AND CREDIT CARD WEBSITES ON THE AVERAGE OF EVERY THREE TO FOUR MONTHS. ~ USE A DIFFERENT PASSWORD FOR EACH SITE OR COMPUTER THAT YOU USE.
3. EMPLOYEE SECURITY TRAINING TIPS : AWARENESS AMONG EMPLOYEES TO STAY ALERT OF ANY VARIOUS THREATS OF INFORMATION
3.1. EMAIL SCAMS : ~ ALWAYS FILTER SPAM. ~ CONFIGURE YOUR EMAIL CLIENT PROPERLY. ~ DO NOT TRUST UNSOLICITED EMAILS. ~ DO NOT CLICK ON UNKNOWN LINKS IN EMAIL MESSAGES.
3.2. SAFE INTERNET HABITS : ~ EMPLOYEES MUST BE CONVERSANT WITH PHISHING ATTACKS AND LEARN NOT TO OPEN MALICIOUS ATTACHMENTS . ~ IT'S BETTER TO DISABLE POP-UP WINDOWS.
3.3. CLEAN DESK ~ ALL SENSITIVE AND CONFIDENTIAL INFORMATION SHOULD BE REMOVED FROM THE DESK AT THE END OF EACH WORKING DAY.
3.4. SOCIAL NETWORKING DANGERS : ~ EMPLOYEE SHOULD LIMIT THE USE OF SOCIAL NETWORKING . ~ NOT PROVIDE ANY CREDENTIALS OR LOGIN INFORMATION TO UNKNOWN SITES OR SITES THAT ARE SIMILAR TO THE ORIGINAL ONE.